ANNUAL ASSESSMENT OF THE INTERNAL
REVENUE SERVICE INFORMATION TECHNOLOGY PROGRAM

Issued on September 28, 2012

Highlights

Highlights of Report Number:† 2012-20-120 to the Internal Revenue
Service Chief Technology Officer

IMPACT ON TAXPAYERS

Successful
modernization of IRS systems and the development and implementation of new
Information Technology (IT) applications is necessary to meet evolving business
needs.† The IRS must ensure that its computer systems are effectively secured
to protect sensitive financial and taxpayer data.† The IRS also needs to ensure
that it leverages viable technological advances as it improves its overall
operational environment.

WHY TIGTA DID THE AUDIT

This audit was initiated as part of the TIGTA Fiscal Year 2012
Annual Audit Plan and addresses the major management challenge of Modernization.†TIGTA is required by
the IRS Restructuring and Reform Act of 1998 to annually perform an evaluation of the adequacy and security of IRS technology.

WHAT TIGTA FOUND

Since
last yearís assessment, the IRS has developed and implemented significant
systems, including the daily processing and database implementation projects of
the Customer Account Data Engine 2 and a new release of the Modernized e-File
system.† The daily processing project provides individual taxpayer account
information to select downstream IRS systems on a daily basis and was
implemented in January 2012. †The database implementation project will
establish a relational database that will store all individual taxpayer account
data.† It is in the testing phase and is expected to be placed into production
in late 2012.† Modernized e‑File Release 7.0 was implemented in January
2012; however, plans to retire the Legacy e-File system in 2012 were revised.

TIGTA continues to
believe that the IRSís Modernization Program remains a major risk.† Improved
controls are needed to ensure long-term success for two key systems within the
Modernization Program.† The development and implementation of new systems for
the Patient Protection and Affordable Care Act provisions present major IT
management challenges.† TIGTA suggests that the IRS continues to stress
improvements in its overall control processes and performance, including
implementing successful new systems, necessary to meet the IRSís
mission-critical goals.

The IRS
has made progress to improve information security and personnel safety;
however, it needs to continue to place emphasis on information and physical
security programs in order to ensure that policies,procedures, and
practices adequately address security control weaknesses.† Weaknesses were
identified over system access controls, configuration management, audit trails,
physical security, remediation of security weaknesses, and oversight and
coordination on security‑related issues.† Until the IRS addresses
security weaknesses, it will continue to put the confidentiality, integrity,
and availability of financial and taxpayer information and employee safety at
risk.

The
IRS IT organization envisions becoming a world‑class provider of IT
services by focusing on its people, processes, and technology.† It implemented
virtualization technology to continue to improve operational efficiency, but additional
improvements are needed.† In addition, the IT organization is effectively
working human capital issues, but improvements are needed there also.†

WHAT TIGTA RECOMMENDED

Because
this was an assessment report of the IRSís IT Program through Fiscal Year 2012,
TIGTA did not offer any recommendations.† IRS officials were provided with an
opportunity to review and comment on the report.